529 matches found
CVE-2024-9398
By checking the result of calls to window.open with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...
CVE-2024-9398
By checking the result of calls to window.open with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...
Security Vulnerabilities fixed in Firefox 131 — Mozilla
A user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full screen mode. This may allow spoofing of other sites as the address bar is no longer visible.This bug only affects Firefox Focus for Android. Other versions of Firefox are unaffecte...
Mozilla Thunderbird < 115.12
The version of Thunderbird installed on the remote Windows host is prior to 115.12. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-28 advisory. - By tricking the browser with a X-Frame-Options header, a sandboxed iframe could have presented a button that, if...
CVE-2024-5690
Vulnerability CVE-2024-5690 affects Mozilla Firefox and Thunderbird components via a timing-attack on external protocol handler detection. Affected products explicitly include Firefox < 127, Firefox ESR < 115.12, and Thunderbird
Security Vulnerabilities fixed in Firefox 127 — Mozilla
If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the Referer and Sec- headers, meaning there is the potential for incorrect...
RHEL 7 : firefox (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - firefox: Possible integer overflow to fix inside XMLParse in Expat CVE-2016-9063 - firefox: arbitrary cod...
RHEL 8 : firefox (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - firefox: mixed content warning is not displayed when HTTPS page loads a favicon over HTTP CVE-2018-12403 ...
GLSA-202405-15 : Mozilla Firefox: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202405-15 Mozilla Firefox: Multiple Vulnerabilities - When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This vulnerability affects...
GLSA-202405-03 : Dalli: Code Injection
The remote host is affected by the vulnerability described in GLSA-202405-03 Dalli: Code Injection - A vulnerability was found in Dalli. It has been classified as problematic. Affected is the function self.metaset of the file lib/dalli/protocol/meta/requestformatter.rb of the component Meta...
Dalli: Code Injection
Background Dalli is a high performance pure Ruby client for accessing memcached servers. Description A vulnerability was found in Dalli. Affected is the function self.metaset of the file lib/dalli/protocol/meta/requestformatter.rb of the component Meta Protocol Handler. The manipulation leads to...
Mobatek MobaXterm 11.1 / 12.1 (CVE-2019-16305)
The version of Mobatek MobaXterm installed on the remote host is 11.1 and 12.1. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-16305 advisory. - In MobaXterm 11.1 and 12.1, the protocol handler is vulnerable to command injection. A crafted link can trigger a popup...
SUSE CVE-2024-1555
When opening a website using the firefox:// protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox 123...
CVE-2024-1555
When opening a website using the firefox:// protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox 123...
CVE-2024-1555
When opening a website using the firefox:// protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox 123...
CVE-2024-1555
When opening a website using the firefox:// protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox 123...
UBUNTU-CVE-2024-1555
When opening a website using the firefox:// protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox 123...
CVE-2024-1555
When opening a website using the firefox:// protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox 123...
CVE-2024-1555
When opening a website using the firefox:// protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox 123...
Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6562-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6562-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially explo...